artsy-auth 0.1.7 → 0.1.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +10 -9
- data/lib/artsy-auth.rb +2 -2
- data/lib/artsy-auth/{application_controller.rb → authenticated.rb} +8 -2
- data/lib/artsy-auth/session_controller.rb +2 -3
- data/lib/artsy-auth/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7a2f2591b274cf4eba66d78b563365f51341cbaf
|
|
4
|
+
data.tar.gz: 38ba2fbbfe919ef424cfa0c1f8a8b7e07d11fc8c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b35055a3b5ab3b5e3de9f1a6e0454d5d45fda0977c2f117a620c0b2e057979fba571c621306117ec1215358c91dc48206a009a13a5c3a97c9e86cfca6e963088
|
|
7
|
+
data.tar.gz: df30a0ef5f1c67da6ae1635967043770191712fc3118f2ba0ed0d6f4bd91283a911ebced4ba82912f04255579cd4f30efd03ec247457969995a0f0a504690cbb
|
data/README.md
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Ruby Gem for adding Artsy's omniauth based authentication to your app.
|
|
4
4
|
|
|
5
5
|
## Installation
|
|
6
|
-
Add following line to your Gemfile
|
|
6
|
+
Add following line to your Gemfile.
|
|
7
7
|
|
|
8
8
|
```
|
|
9
9
|
gem 'artsy-auth'
|
|
@@ -32,26 +32,27 @@ You also need to mount session related endpoints to your app, in your `config/ro
|
|
|
32
32
|
mount ArtsyAuth::Engine => '/'
|
|
33
33
|
```
|
|
34
34
|
|
|
35
|
-
In order to force authentication, you need to
|
|
35
|
+
In order to force authentication, you need to include 'ArtsyAuth::Authenticated' in your controller, you also need to add (override) `authorized_artsy_token?` method there which gets a token and in your app you need to define how do you authorize that token, for example:
|
|
36
36
|
```ruby
|
|
37
37
|
class ApplicationController < ArtsyAuth::ApplicationController
|
|
38
38
|
# Prevent CSRF attacks by raising an exception.
|
|
39
39
|
protect_from_forgery with: :exception
|
|
40
40
|
|
|
41
|
-
#
|
|
41
|
+
# This will make sure calls to this controller have proper session data
|
|
42
|
+
# if they don't it will redirect them to oauth url and once authenticated
|
|
43
|
+
# on successful authentication we'll call authorized_artsy_token
|
|
44
|
+
include ArtsyAuth::Authenticated
|
|
45
|
+
|
|
46
|
+
# override application to decode token and allow only users with `tester` role
|
|
42
47
|
def authorized_artsy_token?(token)
|
|
43
48
|
decoded_token, _headers = JWT.decode(token, 'some-secret')
|
|
44
49
|
decoded_token['roles'].include? 'tester'
|
|
45
50
|
end
|
|
46
51
|
end
|
|
47
52
|
```
|
|
48
|
-
Note that this will add authentication to all of your controllers, if you want to skip Artsy's authentication for specific controller you can skip it in your controller by adding:
|
|
49
|
-
```ruby
|
|
50
|
-
class TestController
|
|
51
|
-
skip_before_action :require_artsy_authentication
|
|
52
|
-
end
|
|
53
|
-
```
|
|
54
53
|
|
|
54
|
+
# Update From Version < 0.1.7
|
|
55
|
+
In previous versions you would change your `ApplicationController` to inherit from `ArtsyAuth::ApplicationController`, with versions > `0.1.7` you need to `include ArtsyAuth::Authenticated` like the example above.
|
|
55
56
|
|
|
56
57
|
# Contributing
|
|
57
58
|
|
data/lib/artsy-auth.rb
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
+
require 'artsy-auth/authenticated'
|
|
1
2
|
require 'artsy-auth/config'
|
|
2
3
|
require 'artsy-auth/engine'
|
|
3
|
-
require 'artsy-auth/version'
|
|
4
|
-
require 'artsy-auth/application_controller'
|
|
5
4
|
require 'artsy-auth/session_controller'
|
|
5
|
+
require 'artsy-auth/version'
|
|
6
6
|
|
|
7
7
|
module ArtsyAuth
|
|
8
8
|
end
|
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
module ArtsyAuth
|
|
2
|
-
|
|
3
|
-
|
|
2
|
+
module Authenticated
|
|
3
|
+
extend ActiveSupport::Concern
|
|
4
|
+
|
|
5
|
+
included do
|
|
6
|
+
before_action :require_artsy_authentication
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
private
|
|
4
10
|
|
|
5
11
|
def require_artsy_authentication
|
|
6
12
|
if session[:access_token]
|
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
module ArtsyAuth
|
|
2
|
-
class SessionsController <
|
|
3
|
-
skip_before_action :require_artsy_authentication
|
|
2
|
+
class SessionsController < ActionController::Base
|
|
4
3
|
def create
|
|
5
4
|
session[:user_id] = auth_hash['uid']
|
|
6
5
|
session[:email] = auth_hash['info']['raw_info']['email']
|
|
@@ -19,4 +18,4 @@ module ArtsyAuth
|
|
|
19
18
|
request.env['omniauth.auth']
|
|
20
19
|
end
|
|
21
20
|
end
|
|
22
|
-
end
|
|
21
|
+
end
|
data/lib/artsy-auth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: artsy-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Artsy
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-06-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth-oauth2
|
|
@@ -134,7 +134,7 @@ files:
|
|
|
134
134
|
- config/initializers/omniauth.rb
|
|
135
135
|
- config/routes.rb
|
|
136
136
|
- lib/artsy-auth.rb
|
|
137
|
-
- lib/artsy-auth/
|
|
137
|
+
- lib/artsy-auth/authenticated.rb
|
|
138
138
|
- lib/artsy-auth/config.rb
|
|
139
139
|
- lib/artsy-auth/engine.rb
|
|
140
140
|
- lib/artsy-auth/session_controller.rb
|